Find chapters in your area

More IT Professionals Turn to Cybersecurity Roles

Members may download one copy of our sample forms and templates for your personal use within your organization. Please note that all such forms and policies should be reviewed by your legal counsel for compliance with applicable law, and should be modified to suit your organization’s culture, industry, and practices. Neither members nor non-members may reproduce such samples in any other way (e.g., to republish in a book or use for a commercial purpose) without SHRM’s permission. To request permission for specific items, click on the “reuse permissions” button on the page where you find the item.

Page Image

Image Caption

Page Content

While more U.S. IT professionals are pleased with their jobs, a new report reveals that just over half of them are interested in careers in cybersecurity.

Good thing, too. Of the 6 million open technology jobs in the United States, 2 million are in cybersecurity, said Edie Fraser, founder of the Washington, D.C.-based consultancy STEM Connector. What's more, additional cybersecurity professionals are necessary, experts say, to help stem the tide of increasing data breaches.

Evaluating IT Workforce Needs, a new report from Downers Grove, Ill.-based IT industry association CompTIA, shows that nearly eight out of 10 IT professionals report being mostly satisfied with their jobs overall. And 51 percent of the 820 IT professionals surveyed expressed an interest in working on cybersecurity-related issues.

That's ahead of the 30 percent interested in working on the Internet of Things (IoT) and the 20 percent considering artificial intelligence (AI).

"The tech industry's challenge is America's challenge: developing a robust workforce that can effectively fill the IT jobs of the 21st century, whether those jobs are in cybersecurity, IoT, AI or some new technology that's still to come," said Nancy Hammervik, executive vice president of industry relations at CompTIA.

"We need to attract and recruit a diverse workforce of individuals—with and without college degrees—and support them in their career growth," she said.

That hasn't been an easy thing to accomplish.

Nearly a quarter of respondents to CompTIA's study say they are concerned about their IT skills becoming obsolete. That could hurt the industry's ability to fill the millions of tech jobs expected to be available through 2024.

"Companies in the tech industry are struggling to close a gap between the number of jobs they have open and the number of qualified applicants," said Steven Ostrowski, CompTIA's director of corporate communications. "One step employers can take is to make a concerted effort to become more inclusive in their hiring … by examining their hiring process. Employers need to look beyond traditional job boards and help-wanted ads to find a broader pool of candidates."

Data breach is on the rise. The Identity Theft Resource Center stated in its mid-year report in June that data breaches were up 29 percent from the same time last year.

"Continuing education, ongoing training and professional certifications are the best ways for IT professionals to strengthen and keep current their skills, whether in cybersecurity or some other aspect of technology," Ostrowski said. "Within the cybersecurity realm, certifications that are vendor-neutral, those that cover common skills and knowledge regardless of the products in use, carry the most weight with employers."

Those in the industry say there are four actions that could help improve the number of cybersecurity professionals working here in the U.S. They are:

Passing the CHANCE in Tech Act. The Championing Apprenticeships for New Careers and Employees (CHANCE) in Technology Act was introduced in the U.S. House by Rep. Seth Moulton, D-Mass., earlier this year. It directs the Secretary of Labor to award contracts that support apprenticeship programs that facilitate public-private partnerships, ensure that quality candidates are recruited, and provide compressed and targeted training to meet specific employer needs.

Creating more programs like GenCyber. Jointly funded by the National Security Agency and the National Science Foundation, the program provides cybersecurity summer camp experiences for middle and high school students. It also helps teachers learn how to teach cybersecurity.

Providing government support for training cybersecurity professionals. "Legislation introduced this year to expand the [Department of Defense] Cyber Scholarship Program Act and Scholarships Opportunity Act deserve support," Ostrowski said. Both programs help offset tuition and training programs in return for commitments by scholarship recipients to work for the government.

Offering easy ways for workers to identify the training they need. The National Initiative for Cybersecurity Education (NICE), sponsored by the National Institute of Standards and Technology (NIST), is a cybersecurity education, training and workforce partnership among the U.S. government, academia and the private sector that merits ongoing funding, Ostrowski said. The NICE Workforce Framework classifies cyber workers by describing roles across work categories.

Was this article useful? SHRM offers thousands of tools, templates and other exclusive member benefits, including compliance updates, sample policies, HR expert advice, education discounts, a growing online member community and much more. Join/Renew Now and let SHRM help you work smarter.

Members may download one copy of our sample forms and templates for your personal use within your organization. Please note that all such forms and policies should be reviewed by your legal counsel for compliance with applicable law, and should be modified to suit your organization’s culture, industry, and practices. Neither members nor non-members may reproduce such samples in any other way (e.g., to republish in a book or use for a commercial purpose) without SHRM’s permission. To request permission for specific items, click on the “reuse permissions” button on the page where you find the item.